Method for operating a conditional access system for broadcast applications

ABSTRACT

In a method for operating a conditional access system for broadcast applications, the conditional access system comprising a number of subscribers and each subscriber having a terminal including a conditional access module and a secure device for storing entitlements, a source signal is encrypted using a first key (C_(W)). The encrypted source signal is broadcasted for receipt by the terminals, wherein entitlement control messages (ECM's) are sent to the secure devices, the ECM's comprising the first keys (C_(W)) encrypted using a service key (P_(T)). Entitlement management messages (EMM's) are sent to the secure devices providing the service key (P_(T)) required to decrypt encrypted first keys (C_(W)). A cracked secure device which is used in an unauthorised manner is traced by sending different keys required to obtain the first keys to different terminals or groups of terminals and monitoring the key information provided by a pirate. To this end search EMM's are sent to at least a part of the terminals, the search EMM's providing at least the service key (P_(T)) and a dummy key (P_(D1) or P_(D2)). At least the search EMM's comprise identifiers identifying the keys (P_(T) and P_(D1) or P_(D2)), wherein first search EMM's with the keys (P_(T) and P_(D1)) are sent to a first part of the terminals and second search EMM's with the keys (P_(T) and P_(D2)) are sent to a second part of the terminals. An ECM identifying the service key (P_(T)) to be used to decrypt the encrypted first key (C_(W)), is sent to all secure devices just before the first key (C_(W)) is needed to decrypt the source signal.

[0001] The invention relates to a method for operating a conditional access system for broadcast applications, said conditional access system comprising a number of subscribers, each subscriber having a terminal including a conditional access module and a secure device for storing entitlements, wherein a source signal is encrypted using a first key (C_(W)), said first key (C_(W)) being changed at a high rate, said encrypted source signal being broadcasted for receipt by the terminals, wherein entitlement control messages (ECM's) are sent to the secure devices, said ECM's comprising the first keys (C_(W)) encrypted using a service key (P_(T)), wherein entitlement management messages (EMM's) are sent to the secure device providing the service key (P_(T)) required to decrypt encrypted first keys (C_(W)), wherein a cracked secure device which is used in an unauthorised manner is traced by sending different keys required to obtain the first keys to different terminals or groups of terminals and monitoring the key information provided by a pirate.

[0002] Conditional access systems for broadcast applications are used for example in pay television operations wherein one has to subscribe to be entitled to watch a channel, a service or an event. In view of the high numbers of subscribers and thereby high numbers of secure devices distributed among the subscribers, the secure devices are open to attack by unauthorised persons trying to extract the unique key of a secure device. The secure devices are generally provided in the form of smart cards. If an unauthorised person or pirate succeeds in extracting the unique key, the smart card is cracked and the pirate is able to distribute global keys over the internet, for example the first key or service key, to set up a pirate subscriber network.

[0003] When the service provider establishes that the conditional access system has been hacked, it is necessary to trace the cracked smart card or smart cards. A known method to trace a cracked smart card is to perform a so-called binary search on the base of smart cards which have been issued. According to this known method, a false key is published to half the smart cards and a true key to the other half. The pirate will publish either the false or true key on the internet and from the key published by the pirate, it is possible to narrow down to which half of the base the cracked smart card belongs. In a next step again a false key is published to one half of this located half of the base of smart cards and a true key to the other half of the base and again it can be deduced from the key published by the pirate in which half the cracked smart card is located. By repeating these steps, the cracked smart card can be located and switched off. A disadvantage of such a binary search is that legal subscribers will continuously see blacked out screens during the time the search is performed. If such search activities are repeatedly necessary and continue for long periods, this will lead to subscriber dissatisfaction.

[0004] The invention aims to provide a method of the above-mentioned type wherein causing blacked out screens at legal subscribers is restricted as much as possible or even completely avoided.

[0005] To this end the method of the invention is characterized in that search EMM's are sent to at least a part of the terminals, said search EMM's providing at least the service key (P_(T)) and a dummy key (P_(D1) or P_(D2)), at least the search EMM's comprising identifiers identifying the keys (P_(T) and P_(D1) or P_(D2)), wherein first search EMM's with the keys (P_(T) and P_(D1)) are sent to a first part of the terminals and second search EMM's with the keys (P_(T) and P_(D2)) are sent to a second part of the terminals, wherein an ECM identifying the service key (P_(T)) to be used to decrypt the encrypted first key (C_(W)), is sent to all secure devices just before the first key (C_(W)) is needed to decrypt the source signal.

[0006] In this manner it is obtained that at all legal subscribers, the secure device receives the identification of the service key to be used to decrypt the first key in time before the first key is needed to decrypt the source signal. Therefore there will be no blacked out screens at legal subscribers. However, when the pirate receives the identification of the service key to be used, the pirate has insufficient time to publish the correct key in advance. The delay time between the receipt of the identification of the service key to be used and the encrypted source signal to be decrypted with the first key is too short to distribute the correct key over the internet. Therefore, if the pirate does not publish all keys available to the pirate, the pirate subscribers will have blacked out screens repeatedly depending on the rate of publishing dummy keys. In view of the publishing of all keys available to the pirate, the same type of binary search as in the prior art can be applied to locate the cracked smart card.

[0007] According to a further embodiment of the method of the invention, a set of search EMM's is sent to the terminals, each search EMM providing two keys (P_(T) and P_(D1), P_(T) and P_(D2), . . . , P_(T) and P_(Dn)). In this manner the number of iteration steps in the binary search can be significantly reduced depending on the size of the set of search EMM's.

[0008] As an alternative embodiment, a set of search EMM's is sent to at least a portion of the terminals, each search EMM of the set comprising a different dummy key (P_(D)) and each EMM being sent to a different part of the terminals.

[0009] In this manner the cracked smart card or smart cards used by the pirate can be located in a few or even only one step so that although a blacked out screen will be seen by the legal subscribers, this will not lead to subscriber dissatisfaction.

[0010] In a further alternative embodiment of the method of the invention the encrypted source signal comprises a stream of data packets, wherein successive groups including at least one data packet, are encrypted using successive first keys (C_(W1), C_(W2), . . . , C_(Wi), . . . , C_(Wn)), each data packet having a flag indicating the first key (C_(Wi)) to be used for decrypting the data packet, wherein instead of an ECM identifying the service key (P_(T)) an ECM identifying a dummy key (P_(D1) or P_(D2)) to be used to decrypt a next encrypted first key (C_(Wi)), is sent to the secure devices of the first and second parts of the terminals, respectively, just before the first key (C_(Wi)) is needed to decrypt the source signal, whereas the data packet is encrypted using the previous first key (C_(Wi-1)).

[0011] In this manner the pirate is forced to respond to the ECM by transmitting the first key decrypted by using a dummy key, to the pirate decoders. By means of this false key published by the pirate the cracked smart card can be traced. The service provider actually uses the previous first key to scramble the next data packet so that all subscribers can descramble this data packet using the previous first key which is normally still available in the decoder.

[0012] The invention will be further explained by reference to the drawings in which an embodiment of a conditional access system for broadcast applications is shown, in which an embodiment of the method of the invention is implemented.

[0013] FIG. 1 schematically shows a conditional access system for broadcast applications, in which an embodiment of the method of the invention is implemented.

[0014] FIG. 2 schematically shows an example of a key hierarchy for use in the conditional access system of FIG. 1.

[0015] In the broadcasting application shown, three broadcasters 1-3 are coupled with a multiplexer unit 4 comprising means for scrambling, encoding and compressing broadcast signals provided by the broadcasters 1-3. The thus obtained digital data streams are multiplexed into a digital transport stream, for example in accordance with the MPEG-2 standard. In the embodiment shown this digital transport stream is modulated by way of a modulator 5 before transmission. The operator of the equipment including the multiplexer unit 4 and modulator 5 is responsible for transmitting the signal to the receiving equipment of the public, one television set 6 being shown by way of example. The transmission of the signal may be carried out through one or more telecommunication channels including a satellite link 7, terrestrial link 8 or a cable system 9. One or more of the broadcasters 1-3 may be private broadcasters operating according to the concept of pay television, which implies subscription. This means that people wishing to view programs broadcasted by a particular broadcaster, have to subscribe to such a broadcast, and pay the appropriate fee.

[0016] Access to any one of the broadcast signals provided by the broadcasters 1-3 requires a terminal 10 which for the subscription requiring services includes a conditional access module 11 and a secure device 12, generally provided in the form of a smart card which can be connected to the conditional access module 11. The remaining part of the terminal 10 is known as such and need not be described in detail.

[0017] In the broadcast application of FIG. 1, for example broadcaster 1 may be a pay television operator using a conditional access system with a number of subscribers, each subscriber having a terminal 10 with conditional access module 11 and smart card 12. Such a conditional access system may use a key hierarchy, an example of which is schematically shown in FIG. 2. The broadcaster side is shown at the left, whereas the subscriber side is shown at the right of FIG. 2. As shown the broadcaster scrambles the source signal by means of a scrambler 13, wherein the source signal is scrambled using a first key or control word C_(W). In this manner an encrypted source signal is obtained which is multiplexed by the multiplexer 4. At the subscriber's side, the encrypted source signal is descrambled to obtain the clear source signal in a descrambler 14 using the first key C_(W). For security reasons, the key C_(W) is generally changed at a high rate, for example every ten seconds.

[0018] The control word or first key C_(W) is sent to the subscribers in so-called entitlement control messages or ECM's which are scrambled as indicated by reference numeral 15 using a service key P_(T). These scrambled ECM's are decrypted at the subscriber's side using the same service key P_(T), as indicated by reference numeral 16. At a higher level of hierarchy the service keys are sent in so-called entitlement management messages or EMM's in a scrambled manner as indicated by reference 17 using a group key G and these scrambled EMM's are descrambled at the subscriber's side using the same group key G as indicated by reference 18. Finally, a group key can be distributed to subscribers using individual smart card keys and/or smart card addresses. It will be understood that this example of key hierarchy is described by way of non-limiting example only.

[0019] As a large number of smart cards 12 is distributed among the subscribers of broadcaster 1, these smart cards are open to attack by unauthorised persons or pirates to extract the secret individual key from the smart card. If a pirate succeeds in extracting the individual key, the pirate is able to obtain any of the keys used in the conditional access system in the clear and he can distribute keys over the internet to subscribers of his pirate network.

[0020] If the broadcaster 1 notices that one or more of his smart cards 12 have been cracked, he can start a search for the cracked smart card or smart cards in the following manner.

[0021] Instead of the usual EMM's distributing service keys P_(T), special search EMM's are sent to the terminals 10, wherein a search EMM provides a true service key P_(T) and a false or dummy key P_(D1) to half of the subscribers and the true service key P_(T) and a second dummy key P_(D2) to the other half. Usually an EMM comprises an identifier for the service key and in the same manner the search EMM's also comprise identifiers for the keys P_(T) and P_(D1) or P_(D2). Of course these search EMM's will be received both by the legal subscribers and by the pirate. A very short time before the service key P_(T) is to be used to decrypt a control word C_(W), an ECM is published including an identifier indicating the key to be used to decrypt the control word C_(W), i.e. the true service key P_(T).

[0022] The advance warning provided by the ECM comprising the identifier of the service key P_(T), is just sufficient to decrypt the control word C_(W) before the control word is needed to decrypt the encrypted source signal. This means that although the pirate also receives the identifier of the true service key P_(T), there is insufficient time for the pirate at the publishing of the ECM to publish the correct key P_(T) in advance on the internet. If the pirate does not take any further action, the pirate subscribers will have blacked out screens every few minutes or even seconds. This means that the pirate is forced to publish the keys required to decrypt the ECM in advance of the ECM being transmitted. Through publishing either dummy key P_(D1) or P_(D2), the pirate can be located by consecutive iteration steps as described above.

[0023] The method described shows the advantage that there will be no blacked out screens at the legal subscribers, as the smart card 12 at the legal subscribers has sufficient time to use the correct service key to descramble the control word C_(W).

[0024] In order to restrict the number of iteration steps, a set of search EMM's could be used, wherein each search EMM of the set provides two keys, i.e. the true service key P_(T) and a dummy key P_(D1) or P_(D2) or . . . P_(Dn). Each EMM of the set is sent to a different group of smart cards, so that the dummy key P_(Di) published immediately indicates the group of smart cards to which the cracked one belongs.

[0025] As a further complication to a pirate the following method can be applied, wherein some characteristics of an encrypted source signal are used. Generally the encrypted data stream comprises data packets, wherein each next data packet or group of data packets is scrambled using a next first key C_(Wi). A header flag of the data packet or group of data packets indicates the serial number i of the first key used for scrambling so that the terminal 10 knows which of the first keys provided must be used for descrambling a data packet or group received. According to the invention an ECM is transmitted which indicates that the next key will be one of the dummy keys P_(D1) or P_(D2). However, the next data packet or group is scrambled using the previous first key C_(Wi-1). As the pirate cannot distinguish between the different keys and cannot predict whether an indication to use a specific key is true or not, the pirate will be forced to publish the key descrambled using the dummy key. Through publishing this descrambled key the pirate can be located by consecutive iteration steps as described above. At the subscribers the header flag of the data packet will cause use of the control word C_(Wi-1), so that normal operation of the terminal is obtained. This method can be used advantageously in case a pirate has a very fast responding system, which would allow the pirate to publish decrypted first keys only instead of the dummy key itself.
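The decoy ECM period of paragraph [0025], as an added operator-side simulation that is not part of the patent text. The toy XOR cipher, the single dummy key slot read by every group and all function names are assumptions made for illustration; keys and frame contents are constructed sample data.

```python
import hashlib
import secrets


def toy_crypt(key, data):
    """Toy XOR cipher standing in for the real ECM and content ciphers
    (assumption for illustration; encrypt and decrypt are the same call)."""
    stream = hashlib.sha256(key).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def terminal_descramble(cw_table, packet):
    """A terminal descrambles with the control word named by the header flag."""
    return toy_crypt(cw_table[packet["cw_index"]], packet["payload"])


def decoy_period(dummy_keys, i, cw_prev, cracked_group,
                 clear=b"constructed frame"):
    """Run one crypto-period in which the ECM names the dummy key.

    dummy_keys maps group number -> that group's dummy key P_Di.
    Returns (group traced from the published control word,
             True if every legitimate terminal still got the clear frame).
    """
    # Decoy cryptogram announced as "encrypted C_Wi"; no real key is inside.
    cryptogram = secrets.token_bytes(16)

    # Operator precomputes the value each group's card will derive from it.
    expected = {toy_crypt(k, cryptogram): g for g, k in dummy_keys.items()}

    # The packet is still scrambled with C_W(i-1) and flagged as such.
    packet = {"cw_index": i - 1, "payload": toy_crypt(cw_prev, clear)}

    # Legitimate terminals: the card obeys the ECM and stores a bogus C_Wi,
    # but the header flag keeps the descrambler on C_W(i-1).
    all_clear = True
    for key in dummy_keys.values():
        cw_table = {i - 1: cw_prev, i: toy_crypt(key, cryptogram)}
        all_clear &= terminal_descramble(cw_table, packet) == clear

    # A fast-responding pirate forwards the control word its cracked card
    # derived; that value is specific to the card's group.
    published_cw = toy_crypt(dummy_keys[cracked_group], cryptogram)
    return expected.get(published_cw), all_clear
```
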

[0026] In an alternative embodiment of the method described, a cracked secure device can be traced by using a type of cryptography, wherein it is possible to generate a set of keys, each key being capable of decrypting the same cryptogram. As an example of such type of cryptography an RSA multiple-key cryptographic algorithm or a secret-sharing algorithm can be used. As the cryptography as such is not a part of the present invention, reference is made to the book Applied Cryptography by Bruce Schneier, in particular chapter 23, for a further explanation of this type of cryptography. For example the EMM's are encrypted using a multiple-key algorithm having a set of keys P_(i) capable of decrypting the EMM. Depending on the number of keys of the set and the number of terminals, each terminal or each group of terminals is provided with a different key P_(i), so that if a pirate rebroadcasts the key, the source, i.e. the cracked secure device, can be traced. It is also possible to apply this special type of cryptography on the source signal, so that instead of one control word C_(W) a set of control words C_(i) is capable of decrypting the encrypted source signal.

[0027] The same result can be achieved with a secret-sharing algorithm, wherein one or more shares are required to derive the key required for obtaining the control words. By distributing different shares to different terminals or groups of terminals, the cracked secure device can be traced.

[0028] It is noted that the number of keys or shares need not be large. By varying the grouping structure, i.e. the distribution of the terminals on the different groups, it is possible to trace the cracked secure device by monitoring the sequence of keys or shares which are rebroadcast by the pirate. It is observed that the same method of varying the grouping structure can be used in all above-described embodiments of the invention.
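An added simulation, not part of the patent text, of the search of paragraphs [0021] to [0024] with the grouping structure varied each round as in [0028]. It goes beyond the two-group case by using n groups, and it assumes a single cracked card, a pirate who publishes every key that card holds, and a grouping rule (digit of the card index in base n) chosen here for illustration; all names and keys are constructed.

```python
import secrets


def group_of(card, round_no, n_groups):
    """Grouping structure for one round: digit `round_no` of the card
    index written in base n_groups, so the partition changes every round."""
    return (card // n_groups ** round_no) % n_groups


def build_search_emms(n_cards, round_no, n_groups):
    """Return (emms, dummy_table, true_id) for one search round.

    emms[card] is the identified key set {key_id: key} the card receives:
    the true service key P_T plus the dummy key P_Di of its group.
    """
    p_t = secrets.token_bytes(16)
    dummies = [secrets.token_bytes(16) for _ in range(n_groups)]
    true_id = secrets.randbelow(2)        # the identifier does not reveal P_T
    emms = {
        card: {true_id: p_t,
               1 - true_id: dummies[group_of(card, round_no, n_groups)]}
        for card in range(n_cards)
    }
    dummy_table = {key: g for g, key in enumerate(dummies)}
    return emms, dummy_table, true_id


def card_select_key(emm, ecm_key_id):
    """A legitimate card uses the key the late ECM identifies."""
    return emm[ecm_key_id]


def pirate_publish(emm_of_cracked_card):
    """The ECM arrives too late to forward one key, so the pirate
    publishes everything the cracked card holds, dummy key included."""
    return set(emm_of_cracked_card.values())


def trace(n_cards, n_groups, cracked_card):
    """Return (located card, rounds used, blackouts at legitimate cards)."""
    candidates = set(range(n_cards))
    round_no = blackouts = 0
    while len(candidates) > 1:
        emms, dummy_table, true_id = build_search_emms(
            n_cards, round_no, n_groups)
        p_t = emms[0][true_id]
        # The ECM names true_id; count cards that would fail to get P_T.
        blackouts += sum(card_select_key(e, true_id) != p_t
                         for e in emms.values())
        # Operator monitors the published keys and matches the dummy key.
        leaked = pirate_publish(emms[cracked_card])
        groups = {dummy_table[k] for k in leaked if k in dummy_table}
        candidates = {c for c in candidates
                      if group_of(c, round_no, n_groups) in groups}
        round_no += 1
    return candidates.pop(), round_no, blackouts


if __name__ == "__main__":
    for n in (2, 10, 32):
        print(n, "groups:", trace(1000, n, 123))
```

With 1000 cards the sequence of published dummy keys pins down one card in 10 rounds for two groups and in 3 rounds for ten groups, without any legitimate card losing the service key.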

[0029] If it is deemed acceptable that legal subscribers will have a very restricted number of blacked out screens during a search for a cracked smart card, the following method could be used. A special set of search EMM's is distributed to all smart cards, wherein each group of subscribers receives a false service key P_(F). The pirate will distribute the false service key which identifies the group to which the cracked smart card belongs. Within this group in a further step the cracked smart card can be located by distributing within the group a further set of false keys.

[0030] In the embodiments described the conditional access module 11 and the secure device 12 are shown as physically separate devices. It will be understood that the conditional access module and/or the secure device can also be part of the terminal 10 or implemented in the terminal 10 by suitable programming. Therefore, the terms conditional access module 11 and secure device 12 as used in the specification and claims are not restricted to physically separate parts.

[0031] The invention is not restricted to the above-described embodiments which can be varied in a number of ways within the scope of the claims.

1. Method for operating a conditional access system for broadcast applications, said conditional access system comprising a number of subscribers, each subscriber having a terminal including a conditional access module and a secure device for storing entitlements, wherein a source signal is encrypted using a first key (C_(W)), said first key (C_(W)) being changed at a high rate, said encrypted source signal being broadcasted for receipt by the terminals, wherein entitlement control messages (ECM's) are sent to the secure devices, said ECM's comprising the first keys (C_(W)) encrypted using a service key (P_(T)), wherein entitlement management messages (EMM's) are sent to the secure device providing the service key (P_(T)) required to decrypt encrypted first keys (C_(W)), wherein a cracked secure device which is used in an unauthorised manner is traced by sending different keys required to obtain the first keys to different terminals or groups of terminals and monitoring the key information provided by a pirate, characterized in that search EMM's are sent to at least a part of the terminals, said search EMM's providing at least the service key (P_(T)) and a dummy key (P_(D1) or P_(D2)), at least the search EMM's comprising identifiers identifying the keys (P_(T) and P_(D1) or P_(D2)), wherein first search EMM's with the keys (P_(T) and P_(D1)) are sent to a first part of the terminals and second search EMM's with the keys (P_(T) and P_(D2)) are sent to a second part of the terminals, wherein an ECM identifying the service key (P_(T)) to be used to decrypt the encrypted first key (C_(W)), is sent to all secure devices just before the first key (C_(W)) is needed to decrypt the source signal.
2. Method according to claim 1, wherein the encrypted source signal comprises a stream of data packets, wherein successive groups including at least one data packet, are encrypted using successive first keys (C_(W1), C_(W2), . . . , C_(Wi), . . . , C_(Wn)), each data packet having a flag indicating the first key (C_(Wi)) to be used for decrypting the data packet, wherein instead of an ECM identifying the service key (P_(T)) an ECM identifying a dummy key (P_(D1) or P_(D2)) to be used to decrypt a next encrypted first key (C_(Wi)), is sent to the secure devices of the first and second parts of the terminals, respectively, just before the first key (C_(Wi)) is needed to decrypt the source signal, whereas the data packet is encrypted using the previous first key (C_(Wi-1)).
3. Method according to claim 1 or 2, wherein a set of search EMM's is sent to the terminals, each search EMM providing two keys (P_(T) and P_(D1), P_(T) and P_(D2), . . . , P_(T) and P_(Dn)).
4. Method according to the preamble of claim 1, wherein a set of search EMM's is sent to at least a part of the terminals, each search EMM of the set comprising a different dummy key (P_(D)) and each EMM being sent to a different part of the terminals.
5. Method according to claim 3 or 4, wherein the terminals are divided into groups, wherein in a first search step the number of search EMM's of the set of search EMM's corresponds to the number of groups.
6. Method according to the preamble of claim 1, wherein the source signal or the ECM's are encrypted using a multiple-key or secret-sharing cryptographic algorithm having a plurality of different decrypting keys or shares (C_(i); P_(i)) required for decrypting the encrypted source signal or ECM's, respectively, wherein said plurality of different decrypting keys or shares (C_(i); P_(i)) are sent to at least a part of the terminals such that different terminals or groups of terminals receive different keys or shares (C_(i); P_(i)) according to a predetermined distribution.
7. Method according to any one of the preceding claims, wherein the distribution of the terminals in groups of terminals is varied to trace the cracked secure device.